bartgloudemans
commented
7 years ago @willpower232 could you elaborate?
Closed bartgloudemans closed 7 years ago
bartgloudemans
commented
7 years ago @willpower232 could you elaborate?
tstrijdhorst
commented
7 years ago I might be biased, but +1 ;)
TwoFactorAuth as a package doesn't really make sense. Any auth method could be used as two factor not just TOTP. You could also have a password and a cryptographically secure random string via SMS or any other combination of authentication methods (preferably with an out of bounds channel though).
Library looks great though, would be a shame if it lacks popularity because of such a minor conceptual issue.
RobThree
commented
7 years ago This project once started out to become more than TOTPAuth but it never came to that (and probably never will since I have no need for anything more in this project). I do agree TOTPAuth would be a better name, though I'm not sure on how to rename it without affecting or disrupting packagemanagers or people using the current lib in their project. I'm not sure renaming the project would be worth the inconvenience(s) caused.
tstrijdhorst
commented
7 years ago I get your problem. I think the most graceful way might be to fork it with a different name and move the main repo there. I'm not sure either how to do this gracefully.
I would consider renaming the library from
TwoFactorAuthtoTOTPAuth, since in itself this is not a 2-factor authentication library. It is potentially part of a 2-factor authentication setup when implemented alongside a second authentication method.Renaming the library might help making it somewhat easier to find too. Though, that's just guessing.